From a21a06afd9907e9911dcb166d902cba9f405c7cb Mon Sep 17 00:00:00 2001
From: Harrison Healey <harrisonmhealey@gmail.com>
Date: Thu, 11 May 2017 16:32:14 -0400
Subject: PLT-6556 Fixed last member of a channel not being able to delete
 channel with api v4 (#6397)

---
 api4/channel.go      | 19 ++++++++++++++-----
 api4/channel_test.go | 10 ++++++++++
 2 files changed, 24 insertions(+), 5 deletions(-)

(limited to 'api4')

diff --git a/api4/channel.go b/api4/channel.go
index 6daf43c74..522d6cfb9 100644
--- a/api4/channel.go
+++ b/api4/channel.go
@@ -482,14 +482,23 @@ func deleteChannel(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) {
-		c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL)
+	var memberCount int64
+	if memberCount, err = app.GetChannelMemberCount(c.Params.ChannelId); err != nil {
+		c.Err = err
 		return
 	}
 
-	if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) {
-		c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL)
-		return
+	// Allow delete if user is the only member left in channel
+	if memberCount > 1 {
+		if channel.Type == model.CHANNEL_OPEN && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PUBLIC_CHANNEL) {
+			c.SetPermissionError(model.PERMISSION_DELETE_PUBLIC_CHANNEL)
+			return
+		}
+
+		if channel.Type == model.CHANNEL_PRIVATE && !app.SessionHasPermissionToChannel(c.Session, channel.Id, model.PERMISSION_DELETE_PRIVATE_CHANNEL) {
+			c.SetPermissionError(model.PERMISSION_DELETE_PRIVATE_CHANNEL)
+			return
+		}
 	}
 
 	err = app.DeleteChannel(channel, c.Session.UserId)
diff --git a/api4/channel_test.go b/api4/channel_test.go
index 345bbefaf..c2c1bcf56 100644
--- a/api4/channel_test.go
+++ b/api4/channel_test.go
@@ -1006,6 +1006,16 @@ func TestDeleteChannel(t *testing.T) {
 
 	_, resp = th.SystemAdminClient.DeleteChannel(privateChannel7.Id)
 	CheckNoError(t, resp)
+
+	// last member of a channel should be able to delete it regardless of required permissions
+	publicChannel6 = th.CreateChannelWithClient(th.Client, model.CHANNEL_OPEN)
+	privateChannel7 = th.CreateChannelWithClient(th.Client, model.CHANNEL_PRIVATE)
+
+	_, resp = Client.DeleteChannel(publicChannel6.Id)
+	CheckNoError(t, resp)
+
+	_, resp = Client.DeleteChannel(privateChannel7.Id)
+	CheckNoError(t, resp)
 }
 
 func TestGetChannelByName(t *testing.T) {
-- 
cgit v1.2.3-1-g7c22